privacyguides
/
privacyguides.org
mirror of https://github.com/privacyguides/privacyguides.org.git
1
0
Fork 0
Code Issues Activity

Automated PR Testing (#2469)

This commit is contained in:
Jonah Aragon 2024-03-31 06:10:46 -05:00 committed by Daniel Gray
parent b536928661
commit 632761cae1
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
63 changed files with 471 additions and 867 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/ISSUE_TEMPLATE/1_Content_Correction.yml vendored
View File

@ -22,7 +22,6 @@ name: "Content Correction"
description: Report any inaccurate, incorrect, or outdated information on the website.
labels: ["t:correction"]
body:
- type: markdown
attributes:
value: |

1
.github/ISSUE_TEMPLATE/2_Website_Issues.yml vendored
View File

@ -24,7 +24,6 @@ labels: ["t:bug"]
assignees:
- jonaharagon
body:
- type: markdown
attributes:
value: |

3
.github/dependabot.yml vendored
View File

@ -21,7 +21,6 @@
version: 2
registries:
github-privacyguides:
type: git
url: https://github.com
@ -29,7 +28,6 @@ registries:
password: ${{secrets.REPO_PAT}}
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
@ -51,7 +49,6 @@ updates:
interval: "monthly"
labels:
- "fix:submodules"
# Disabled because some updates tend to remove needed dependencies for some reason
# # Maintain dependencies for pipenv

113
.github/workflows/build-offline.yml vendored
View File

@ -1,113 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Offline Website
on:
workflow_call:
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
persist-credentials: 'false'
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- name: Python setup
uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ github.repository }}-en-${{ github.ref }}-
site-cache-${{ github.repository }}-en-
- name: Install Python dependencies
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- name: Build website
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CARDS: false
run: |
pipenv run mkdocs build --config-file config/mkdocs-offline.yml
pipenv run mkdocs --version
- name: Package website
run: |
tar -czvf offline.tar.gz site
zip -r -q offline.zip site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- name: Upload tar.gz file
uses: actions/upload-artifact@v4
with:
name: offline.tar.gz
path: offline.tar.gz
- name: Upload zip file
uses: actions/upload-artifact@v4
with:
name: offline.zip
path: offline.zip
- name: Create ZIM File
uses: addnab/docker-run-action@v3
with:
image: ghcr.io/openzim/zim-tools:3.1.3
options: -v ${{ github.workspace }}:/data
run: |
zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim
- name: Upload ZIM file
uses: actions/upload-artifact@v4
with:
name: offline-privacy_guides.zim
path: offline-privacy_guides.zim

136
.github/workflows/build.yml vendored
View File

@ -1,136 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Website
on:
workflow_call:
inputs:
ref:
required: true
type: string
repo:
required: true
type: string
lang:
type: string
default: en
context:
type: string
default: deploy-preview
continue-on-error:
type: boolean
default: true
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: 'false'
fetch-depth: 0
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- if: inputs.lang != 'en'
run: |
cp -rl modules/repo-i18n/i18n .
cp -rl modules/repo-i18n/includes .
cp -rl modules/repo-i18n/theme .
- uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
site-cache-${{ inputs.repo }}-
- uses: actions/cache/restore@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
restore-keys: |
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
- run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- if: inputs.lang != 'en'
uses: falti/dotenv-action@v1.1
with:
path: includes/strings.${{ inputs.lang }}.env
export-variables: true
keys-case: bypass
- env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CONTEXT: ${{ inputs.context }}
PRODUCTION: true
run: |
pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
cp -r static/* site/
pipenv run mkdocs --version
tar -czvf site-build-${{ inputs.lang }}.tar.gz site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- uses: actions/cache/save@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
- uses: actions/upload-artifact@v4
with:
name: site-build-${{ inputs.lang }}.tar.gz
path: site-build-${{ inputs.lang }}.tar.gz

33
.github/workflows/cleanup.yml vendored
View File

@ -1,33 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Cleanup Artifacts
on:
workflow_call:
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
- uses: geekyeggo/delete-artifact@v5
with:
name: repo-*
failOnError: false

51
.github/workflows/deploy-all.yml vendored Normal file
View File

@ -0,0 +1,51 @@
name: Deploy Website Build
permissions:
contents: read
pages: write
id-token: write
on:
workflow_call:
inputs:
netlify_production:
type: boolean
default: true
github_pages:
type: boolean
default: true
minio_production:
type: boolean
default: true
outputs:
netlify_preview_address:
value: ${{ jobs.netlify.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify:
if: inputs.netlify_production
uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main
with:
netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }}
environment: production
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
minio:
if: inputs.minio_production
uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main
with:
environment: production
secrets:
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
pages:
if: inputs.github_pages
uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main
with:
environment: github-pages

237
.github/workflows/deploy.yml vendored
View File

@ -1,237 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Deploy Website Build
on:
workflow_call:
inputs:
netlify_preview:
type: boolean
netlify_alias:
type: string
netlify_production:
type: boolean
github_pages:
type: boolean
bunnycdn_production:
type: boolean
minio_production:
type: boolean
outputs:
netlify_preview_address:
value: ${{ jobs.netlify_preview.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_BUNNYCDN_API_KEY:
PROD_BUNNYCDN_PASSWORD:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify_preview:
if: inputs.netlify_preview
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
address: ${{ steps.address.outputs.address }}
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- if: inputs.netlify_preview
name: Limit length of Netlify alias to 12
run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV
- if: inputs.netlify_preview
id: deployment
env:
NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }}
echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV"
- id: address
run: |
echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT"
netlify_production:
if: inputs.netlify_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://illustrious-bavarois-56cf30.netlify.app/
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- id: prod_deployment
env:
NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --prod-if-unlocked
github_pages:
if: inputs.github_pages
runs-on: ubuntu-latest
concurrency:
group: "pages"
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
contents: read
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
steps:
- uses: actions/configure-pages@v5
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: 1arp/create-a-file-action@0.4.4
with:
path: site
file: index.html
content: |
<html lang="en">
<head>
<title>Redirecting to English site...</title>
<meta
http-equiv="refresh"
content="0; URL=./en/"
/>
</head>
</html>
- uses: actions/upload-pages-artifact@v3
with:
path: site
- id: deployment
uses: actions/deploy-pages@main
bunnycdn_production:
if: inputs.bunnycdn_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.b-cdn.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: own3d/bunny-action@bfaa5c6bc8b7a7ebd599ddd4912347d7c3847e78
env:
BUNNY_API_ACCESS_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
BUNNY_STORAGE_HOSTNAME: storage.bunnycdn.com
BUNNY_STORAGE_USERNAME: ${{ vars.PROD_BUNNYCDN_USER }}
BUNNY_STORAGE_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
BUNNY_PULL_ZONE_ID: 2117106
with:
args: deploy --dir=site
minio_production:
if: inputs.minio_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.stor1-minio.jonaharagon.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: jakejarvis/s3-sync-action@master
with:
args: --acl public-read --follow-symlinks --delete
env:
SOURCE_DIR: "site/"
AWS_S3_BUCKET: ${{ vars.PROD_MINIO_BUCKET }}
AWS_S3_ENDPOINT: ${{ vars.PROD_MINIO_HOSTNAME }}
AWS_ACCESS_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}

48
.github/workflows/download-repo.yml vendored
View File

@ -1,48 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Download Repository
on:
workflow_call:
inputs:
repo:
required: true
type: string
secrets:
ACTIONS_SSH_KEY:
required: true
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
repository: 'privacyguides/${{ inputs.repo }}'
path: repo-${{ inputs.repo }}
ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
- uses: actions/upload-artifact@v4
with:
name: repo-${{ inputs.repo }}
path: repo-${{ inputs.repo }}
retention-days: 1

5
.github/workflows/publish-mirror.yml vendored
View File

@ -20,7 +20,10 @@
name: 🪞 Push to Mirrors
on: [ push, delete, create ]
permissions:
contents: read
on: [push, delete, create]
# Ensures that only one mirror task will run at a time.
concurrency:

27
.github/workflows/publish-pr.yml vendored
View File

@ -18,7 +18,7 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 📦 Publish Pull Request Preview
name: 📦 PR Preview
on:
pull_request_target:
@ -30,17 +30,21 @@ concurrency:
permissions:
pull-requests: write
contents: read
pages: write
id-token: write
jobs:
submodule:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
repo:
- name: mkdocs-material-insiders
ref: main
- name: brand
ref: main
- name: i18n
ref: main
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
repo: ${{ matrix.repo.name }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
@ -56,7 +60,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
@ -67,12 +71,10 @@ jobs:
needs: build
permissions:
contents: read
pages: write
id-token: write
uses: ./.github/workflows/deploy.yml
uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main
with:
netlify_preview: true
netlify_alias: ${{ github.event.pull_request.head.sha }}
netlify_site_id: ${{ vars.NETLIFY_SITE }}
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
@ -84,7 +86,6 @@ jobs:
env:
address: ${{ needs.deploy.outputs.netlify_preview_address }}
steps:
- uses: thollander/actions-comment-pull-request@v2.5.0
with:
message: |
@ -99,4 +100,4 @@ jobs:
cleanup:
if: ${{ always() }}
needs: build
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

17
.github/workflows/publish-release.yml vendored
View File

@ -18,12 +18,12 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 📦 Publish Release
name: 📦 Release
on:
push:
tags:
- '*'
- "*"
permissions:
contents: write
@ -35,7 +35,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -48,7 +48,7 @@ jobs:
lang: [en, es, fr, he, it, nl, ru, zh-Hant]
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -60,7 +60,7 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
release:
name: Create release notes
@ -84,20 +84,17 @@ jobs:
deploy:
needs: build
uses: ./.github/workflows/deploy.yml
uses: ./.github/workflows/deploy-all.yml
with:
netlify_production: true
github_pages: true
bunnycdn_production: true
minio_production: true
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
PROD_BUNNYCDN_API_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
PROD_BUNNYCDN_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

8
.github/workflows/test-build.yml vendored
View File

@ -31,7 +31,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -45,7 +45,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -56,9 +56,9 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

81
.github/workflows/test-lint.yml vendored Normal file
View File

@ -0,0 +1,81 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 🤖 Linting
permissions:
contents: read
on:
workflow_dispatch:
pull_request:
branches:
- main
push:
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
env:
MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
jobs:
megalinter:
name: MegaLinter
runs-on: ubuntu-latest
steps:
- if: ${{ env.MAIN_BRANCH }}
uses: actions/checkout@v4
- if: ${{ !env.MAIN_BRANCH }}
uses: actions/checkout@v4
with:
fetch-depth: 0
- id: ml
# You can override MegaLinter flavor used to have faster performances
# More info at https://megalinter.io/flavors/
uses: oxsecurity/megalinter/flavors/documentation@v7.10.0
env:
# All available variables are described in documentation
# https://megalinter.io/configuration/
# Validates all source when push on main, else just the git diff with main.
VALIDATE_ALL_CODEBASE: ${{ env.MAIN_BRANCH }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
DISABLE: COPYPASTE,SPELL,HTML
DISABLE_LINTERS: JSON_JSONLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER
DISABLE_ERRORS_LINTERS: CSS_STYLELINT,MARKDOWN_MARKDOWN_LINK_CHECK,YAML_YAMLLINT
EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: -disable-indentation
ENV_DOTENV_LINTER_ARGUMENTS: "--skip QuoteCharacter"
MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_INCLUDE: (docs)
MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml
MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: (PULL_REQUEST_TEMPLATE\.md)
# Upload MegaLinter artifacts
- name: Archive production artifacts
if: success() || failure()
uses: actions/upload-artifact@v4
with:
name: MegaLinter reports
path: |
megalinter-reports
mega-linter.log

32
.github/workflows/upload-crowdin.yml vendored
View File

@ -20,10 +20,13 @@
name: 💬 Crowdin Upload
permissions:
contents: read
on:
workflow_dispatch:
push:
branches: [ main ]
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@ -34,18 +37,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Checkout
uses: actions/checkout@v4
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: '--auto-update --delete-obsolete'
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: "--auto-update --delete-obsolete"
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}

5
.gitignore vendored
View File

@ -19,11 +19,6 @@ site
/config/.cache/plugin/social/*
!/config/.cache/plugin/social/fonts
# Editor settings
.vscode/*
!.vscode/extensions.json
!.vscode/settings.json
# Local Netlify folder
.netlify
node_modules

3
.markdownlint.yml
View File

@ -24,8 +24,7 @@ ul-indent:
indent: 4
no-inline-html: false
code-block-style: false
no-hard-tabs:
spaces-per-tab: 4
no-hard-tabs: true
emphasis-style:
style: "asterisk"
no-duplicate-header: false

1
.vscode/.empty-schema.json vendored Normal file
View File

@ -0,0 +1 @@
{}

5
.vscode/extensions.json vendored
View File

@ -24,6 +24,9 @@
"DavidAnson.vscode-markdownlint",
"wholroyd.jinja",
"mikestead.dotenv",
"matthewpi.caddyfile-support"
"matthewpi.caddyfile-support",
"redhat.vscode-yaml",
"ecmel.vscode-html-css",
"yzhang.markdown-all-in-one"
]
}

26
.vscode/settings.json vendored
View File

@ -20,6 +20,7 @@
{
"git.ignoreLimitWarning": true,
"ltex.diagnosticSeverity": "hint",
"[markdown]": {
"editor.unicodeHighlight.ambiguousCharacters": true,
"editor.unicodeHighlight.invisibleCharacters": true
@ -31,5 +32,28 @@
"files.associations": {
"*.caddy": "caddyfile",
"*.example-caddy": "caddyfile"
}
},
"editor.unicodeHighlight.invisibleCharacters": true,
"editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
"[yaml]": {
"editor.defaultFormatter": "redhat.vscode-yaml",
"editor.quickSuggestions": {
"other": true,
"comments": false,
"strings": true
}
},
"yaml.schemas": {
"https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json": ".markdownlint.yml",
"https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml",
".vscode/.empty-schema.json": "config/*.yml"
},
"yaml.customTags": [
"!ENV sequence",
"!ENV",
"tag:yaml.org,2002:python/name:pymdownx.superfences.fence_code_format",
"tag:yaml.org,2002:python/name:material.extensions.emoji.twemoji",
"tag:yaml.org,2002:python/name:material.extensions.emoji.to_svg"
],
"editor.formatOnSave": true
}

8
README.md
View File

@ -1,4 +1,4 @@
<!-- markdownlint-disable MD041 -->
<!-- markdownlint-disable MD041 MD045 -->
<div align="center">
<a href="https://www.privacyguides.org">
<picture>
@ -50,9 +50,9 @@ The current list of team members can be found [here](https://www.privacyguides.o
- 💖 [Sponsor the project](https://github.com/sponsors/privacyguides)
- 🈴 [Help translate the site](https://crowdin.com/project/privacyguides) [[Matrix chat](https://matrix.to/#/#pg-i18n:aragon.sh)]
- 📝 Edit the site, everything's accessible in this repo
- Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated
- View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved)
- Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style)
- Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated
- View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved)
- Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style)
All contributors to the site are listed [here](https://github.com/privacyguides/privacyguides.org/graphs/contributors). If you make a substantial (i.e. copyright eligible) contribution to the project and would like to be formally credited, you are welcome to include your information in the appropriate `authors` section in [`CITATION.cff`](/CITATION.cff) as well, just submit a PR or ask @jonaharagon to make the change.

3
config/layouts/home.yml
View File

@ -1,5 +1,4 @@
definitions:
- &background_color >-
#FFD06F
@ -35,7 +34,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -59,7 +57,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
color: *background_color

3
config/layouts/page.yml
View File

@ -1,5 +1,4 @@
definitions:
- &background_image >-
{%- if page.meta.cover -%}
theme/assets/img/cover/{{ page.meta.cover }}
@ -70,7 +69,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -94,7 +92,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
image: *background_image

3
config/layouts/pride.yml
View File

@ -1,5 +1,4 @@
definitions:
- &background_image >-
{%- if page.meta.cover -%}
theme/assets/img/cover/{{ page.meta.cover }}
@ -55,7 +54,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -79,7 +77,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
image: *background_image

192
config/mkdocs-common.yml
View File

@ -18,20 +18,29 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
docs_dir: '../docs'
docs_dir: "../docs"
site_url: "https://www.privacyguides.org/"
site_dir: '../site'
site_dir: "../site"
site_name: Privacy Guides
site_description: !ENV [SITE_DESCRIPTION, "Privacy Guides is your central privacy and security resource to protect yourself online."]
copyright: !ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
site_description:
!ENV [
SITE_DESCRIPTION,
"Privacy Guides is your central privacy and security resource to protect yourself online.",
]
copyright:
!ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
edit_uri: edit/main/docs/
extra:
generator: false
context: !ENV [CONTEXT, "production"]
deploy: !ENV DEPLOY_ID
homepage_description: !ENV [DESCRIPTION_HOMEPAGE, "A socially motivated website which provides information about protecting your online data privacy and security."]
homepage_description:
!ENV [
DESCRIPTION_HOMEPAGE,
"A socially motivated website which provides information about protecting your online data privacy and security.",
]
translation_notice: !ENV DESCRIPTION_TRANSLATION
translation_notice_cta: !ENV [DESCRIPTION_TRANSLATION_CTA, "Visit Crowdin"]
translation_notice_language: !ENV LANG_ENGLISH
@ -86,7 +95,11 @@ extra:
icon: https://raw.githubusercontent.com/twitter/twemoji/master/assets/svg/1f1f7-1f1fa.svg
consent:
title: !ENV [ANALYTICS_CONSENT_TITLE, "Contribute anonymous statistics"]
description: !ENV [ANALYTICS_CONSENT_BODY, "We use cookies to collect anonymous usage statistics. You can opt out if you wish."]
description:
!ENV [
ANALYTICS_CONSENT_BODY,
"We use cookies to collect anonymous usage statistics. You can opt out if you wish.",
]
cookies:
umami:
name: Self-Hosted Analytics
@ -219,86 +232,87 @@ markdown_extensions:
toc_depth: 4
nav:
- !ENV [NAV_HOME, 'Home']: 'index.md'
- !ENV [NAV_KNOWLEDGE_BASE, 'Knowledge Base']:
- 'basics/why-privacy-matters.md'
- 'basics/threat-modeling.md'
- 'basics/common-threats.md'
- 'basics/common-misconceptions.md'
- 'basics/account-creation.md'
- 'basics/account-deletion.md'
- !ENV [NAV_TECHNOLOGY_ESSENTIALS, 'Technology Essentials']:
- 'basics/passwords-overview.md'
- 'basics/multi-factor-authentication.md'
- 'basics/email-security.md'
- 'basics/vpn-overview.md'
- !ENV [NAV_ADVANCED_TOPICS, 'Advanced Topics']:
- 'advanced/dns-overview.md'
- 'advanced/tor-overview.md'
- 'advanced/payments.md'
- 'advanced/communication-network-types.md'
- !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
- 'os/android-overview.md'
- 'os/ios-overview.md'
- 'os/linux-overview.md'
- 'os/macos-overview.md'
- 'os/qubes-overview.md'
- kb-archive.md
- !ENV [NAV_RECOMMENDATIONS, 'Recommendations']:
- 'tools.md'
- !ENV [NAV_INTERNET_BROWSING, 'Internet Browsing']:
- 'tor.md'
- 'desktop-browsers.md'
- 'mobile-browsers.md'
- !ENV [NAV_PROVIDERS, 'Providers']:
- 'cloud.md'
- 'dns.md'
- 'email-aliasing.md'
- 'email.md'
- 'financial-services.md'
- 'photo-management.md'
- 'search-engines.md'
- 'vpn.md'
- !ENV [NAV_SOFTWARE, 'Software']:
- 'calendar.md'
- 'cryptocurrency.md'
- 'data-redaction.md'
- 'email-clients.md'
- 'encryption.md'
- 'file-sharing.md'
- 'frontends.md'
- 'multi-factor-authentication.md'
- 'news-aggregators.md'
- 'notebooks.md'
- 'passwords.md'
- 'productivity.md'
- 'real-time-communication.md'
- !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
- 'android.md'
- 'desktop.md'
- 'router.md'
- !ENV [NAV_ADVANCED, 'Advanced']:
- 'device-integrity.md'
- !ENV [NAV_ABOUT, 'About']:
- 'about/index.md'
- 'about/criteria.md'
- 'about/notices.md'
- 'about/privacy-policy.md'
- 'about/statistics.md'
- !ENV [NAV_COMMUNITY, 'Community']:
- 'about/donate.md'
- !ENV [NAV_ONLINE_SERVICES, 'Online Services']: 'about/services.md'
- !ENV [NAV_CODE_OF_CONDUCT, 'Code of Conduct']: 'CODE_OF_CONDUCT.md'
- 'about/privacytools.md'
- !ENV [NAV_CONTRIBUTING, 'Contributing']:
- !ENV [NAV_WRITING_GUIDE, 'Writing Guide']:
- 'meta/writing-style.md'
- 'meta/admonitions.md'
- 'meta/brand.md'
- 'meta/translations.md'
- !ENV [NAV_TECHNICAL_GUIDES, 'Technical Guides']:
- 'meta/uploading-images.md'
- 'meta/git-recommendations.md'
- !ENV [NAV_CHANGELOG, 'Changelog']: 'https://github.com/privacyguides/privacyguides.org/releases'
- !ENV [NAV_FORUM, 'Forum']: 'https://discuss.privacyguides.net/'
- !ENV [NAV_BLOG, 'Blog']: 'https://blog.privacyguides.org/'
- !ENV [NAV_HOME, "Home"]: "index.md"
- !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]:
- "basics/why-privacy-matters.md"
- "basics/threat-modeling.md"
- "basics/common-threats.md"
- "basics/common-misconceptions.md"
- "basics/account-creation.md"
- "basics/account-deletion.md"
- !ENV [NAV_TECHNOLOGY_ESSENTIALS, "Technology Essentials"]:
- "basics/passwords-overview.md"
- "basics/multi-factor-authentication.md"
- "basics/email-security.md"
- "basics/vpn-overview.md"
- !ENV [NAV_ADVANCED_TOPICS, "Advanced Topics"]:
- "advanced/dns-overview.md"
- "advanced/tor-overview.md"
- "advanced/payments.md"
- "advanced/communication-network-types.md"
- !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
- "os/android-overview.md"
- "os/ios-overview.md"
- "os/linux-overview.md"
- "os/macos-overview.md"
- "os/qubes-overview.md"
- kb-archive.md
- !ENV [NAV_RECOMMENDATIONS, "Recommendations"]:
- "tools.md"
- !ENV [NAV_INTERNET_BROWSING, "Internet Browsing"]:
- "tor.md"
- "desktop-browsers.md"
- "mobile-browsers.md"
- !ENV [NAV_PROVIDERS, "Providers"]:
- "cloud.md"
- "dns.md"
- "email-aliasing.md"
- "email.md"
- "financial-services.md"
- "photo-management.md"
- "search-engines.md"
- "vpn.md"
- !ENV [NAV_SOFTWARE, "Software"]:
- "calendar.md"
- "cryptocurrency.md"
- "data-redaction.md"
- "email-clients.md"
- "encryption.md"
- "file-sharing.md"
- "frontends.md"
- "multi-factor-authentication.md"
- "news-aggregators.md"
- "notebooks.md"
- "passwords.md"
- "productivity.md"
- "real-time-communication.md"
- !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
- "android.md"
- "desktop.md"
- "router.md"
- !ENV [NAV_ADVANCED, "Advanced"]:
- "device-integrity.md"
- !ENV [NAV_ABOUT, "About"]:
- "about/index.md"
- "about/criteria.md"
- "about/notices.md"
- "about/privacy-policy.md"
- "about/statistics.md"
- !ENV [NAV_COMMUNITY, "Community"]:
- "about/donate.md"
- !ENV [NAV_ONLINE_SERVICES, "Online Services"]: "about/services.md"
- !ENV [NAV_CODE_OF_CONDUCT, "Code of Conduct"]: "CODE_OF_CONDUCT.md"
- "about/privacytools.md"
- !ENV [NAV_CONTRIBUTING, "Contributing"]:
- !ENV [NAV_WRITING_GUIDE, "Writing Guide"]:
- "meta/writing-style.md"
- "meta/admonitions.md"
- "meta/brand.md"
- "meta/translations.md"
- !ENV [NAV_TECHNICAL_GUIDES, "Technical Guides"]:
- "meta/uploading-images.md"
- "meta/git-recommendations.md"
- !ENV [NAV_CHANGELOG, "Changelog"]:
"https://github.com/privacyguides/privacyguides.org/releases"
- !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"
- !ENV [NAV_BLOG, "Blog"]: "https://blog.privacyguides.org/"

1
config/mkdocs-offline.yml
View File

@ -44,5 +44,4 @@ plugins:
enabled: true
social:
enabled: false
# Edit the offline-mode navbar in mkdocs-common.yml

2
config/mkdocs.en.yml
View File

@ -20,7 +20,7 @@
INHERIT: mkdocs-common.yml
site_url: "https://www.privacyguides.org/en/"
site_dir: '../site/en'
site_dir: "../site/en"
theme:
# ENGLISH ONLY: this logo needs to be set separately because the relative path is different

4
config/mkdocs.es.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/es'
docs_dir: "../i18n/es"
site_url: "https://www.privacyguides.org/es/"
site_dir: '../site/es'
site_dir: "../site/es"
edit_uri: edit/main/i18n/es/

4
config/mkdocs.fr.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/fr'
docs_dir: "../i18n/fr"
site_url: "https://www.privacyguides.org/fr/"
site_dir: '../site/fr'
site_dir: "../site/fr"
edit_uri: edit/main/i18n/fr/

4
config/mkdocs.he.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/he'
docs_dir: "../i18n/he"
site_url: "https://www.privacyguides.org/he/"
site_dir: '../site/he'
site_dir: "../site/he"
edit_uri: edit/main/i18n/he/

4
config/mkdocs.it.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/it'
docs_dir: "../i18n/it"
site_url: "https://www.privacyguides.org/it/"
site_dir: '../site/it'
site_dir: "../site/it"
edit_uri: edit/main/i18n/it/

4
config/mkdocs.nl.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/nl'
docs_dir: "../i18n/nl"
site_url: "https://www.privacyguides.org/nl/"
site_dir: '../site/nl'
site_dir: "../site/nl"
edit_uri: edit/main/i18n/nl/

4
config/mkdocs.ru.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/ru'
docs_dir: "../i18n/ru"
site_url: "https://www.privacyguides.org/ru/"
site_dir: '../site/ru'
site_dir: "../site/ru"
edit_uri: edit/main/docs/

4
config/mkdocs.zh-Hant.yml
View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/zh-Hant'
docs_dir: "../i18n/zh-Hant"
site_url: "https://www.privacyguides.org/zh-Hant/"
site_dir: '../site/zh-Hant'
site_dir: "../site/zh-Hant"
edit_uri: edit/main/i18n/zh-Hant/

37
crowdin.yml
View File

@ -18,25 +18,26 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
#checkov:skip=CKV_SECRET_6:obviously a variable name and not a secret
api_token_env: CROWDIN_PERSONAL_TOKEN
project_id: "509862"
"preserve_hierarchy": true
files:
- source: "/docs/**/*.*"
translation: "/i18n/%two_letters_code%/**/%file_name%.%file_extension%"
skip_untranslated_files: false
- source: "/theme/overrides/*.en.html"
translation: "/theme/overrides/%file_name%.%two_letters_code%.html"
translation_replace:
"en.": ""
skip_untranslated_files: false
- source: "/includes/*.en.*"
translation: "/includes/%file_name%.%two_letters_code%.%file_extension%"
translation_replace:
"en.": ""
skip_untranslated_files: false
- source: "/static/i18n/*.en.*"
translation: "/static/i18n/%file_name%.%two_letters_code%.%file_extension%"
translation_replace:
"en.": ""
skip_untranslated_files: false
- source: "/docs/**/*.*"
translation: "/i18n/%two_letters_code%/**/%file_name%.%file_extension%"
skip_untranslated_files: false
- source: "/theme/overrides/*.en.html"
translation: "/theme/overrides/%file_name%.%two_letters_code%.html"
translation_replace:
"en.": ""
skip_untranslated_files: false
- source: "/includes/*.en.*"
translation: "/includes/%file_name%.%two_letters_code%.%file_extension%"
translation_replace:
"en.": ""
skip_untranslated_files: false
- source: "/static/i18n/*.en.*"
translation: "/static/i18n/%file_name%.%two_letters_code%.%file_extension%"
translation_replace:
"en.": ""
skip_untranslated_files: false

12
docs/about/index.md
View File

@ -48,12 +48,12 @@ So far in 2023 we've launched international translations of our website in [Fren
<!-- markdownlint-disable MD030 -->
<div class="grid cards" markdown>
<!-- Every team member should have a unique emoji.
Team member cards should include ONLY the following links:
- Discourse Profile
- ONE Link of team member's choice
- Email if applicable
This is to keep it fair and not spammy, especially as we grow.
<!-- Every team member should have a unique emoji.
Team member cards should include ONLY the following links:
- Discourse Profile
- ONE Link of team member's choice
- Email if applicable
This is to keep it fair and not spammy, especially as we grow.
-->
- :robot:{ .lg .middle } **@jonah**

12
docs/about/privacytools.md
View File

@ -1,8 +1,6 @@
---
title: "PrivacyTools FAQ"
---
# Why we moved on from PrivacyTools
In September 2021, every active contributor unanimously agreed to move from PrivacyTools to work on this site: Privacy Guides. This decision was made because PrivacyTools founder and controller of the domain name had disappeared for an extended period of time and could not be contacted.
Having built a reputable site and set of services on PrivacyTools.io, this caused grave concerns for the future of PrivacyTools, as any future disruption could wipe out the entire organization with no recovery method. This transition was communicated to the PrivacyTools community many months in advance via a variety of channels including its blog, Twitter, Reddit, and Mastodon to ensure the entire process went as smoothly as possible. We did this to ensure nobody was kept in the dark, which has been our modus operandi since our team was created, and to make sure Privacy Guides was recognized as the same reliable organization that PrivacyTools was before the transition.
@ -49,11 +47,11 @@ Reddit requires that subreddits have active moderators. If the primary moderator
On September 14th, 2021, we [announced](https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides) the beginning of our migration to this new domain:
> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to www.privacyguides.org, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc.
> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to `www.privacyguides.org`, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc.
This change [entailed:](https://reddit.com/comments/pnhn4a)
- Redirecting www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org).
- Redirecting `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org).
- Archiving the source code on GitHub to preserve our past work and issue tracker, which we continued to use for months of future development of this site.
- Posting announcements to our subreddit and various other communities informing people of the official change.
- Formally closing privacytools.io services, like Matrix and Mastodon, and encouraging existing users to migrate as soon as possible.
@ -64,7 +62,7 @@ Things appeared to be going smoothly, and most of our active community made the
Roughly a week following the transition, BurungHantu returned online for the first time in nearly a year, however nobody on our team was willing to return to PrivacyTools because of his historic unreliability. Rather than apologize for his prolonged absence, he immediately went on the offensive and positioned the transition to Privacy Guides as an attack against him and his project. He subsequently [deleted](https://reddit.com/comments/pp9yie/comment/hd49wbn) many of these posts when it was pointed out by the community that he had been absent and abandoned the project.
At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible).
At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible).
Unfortunately, because control of the r/privacytoolsIO subreddit was not returned to BurungHantu at his demand (further information below), those subdomains were [cut off](https://reddit.com/comments/pymthv/comment/hexwrps) at the beginning of October, ending any migration possibilities to any users still using those services.
@ -84,7 +82,7 @@ After the launch of [r/PrivacyGuides](https://reddit.com/r/privacyguides), it wa
> [...] The growth of this Sub was the result of great effort, across several years, by the PrivacyGuides.org team. And by every one of you.
>
> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. Its not a task for dilettantes or commitment-challenged people. It cant thrive under a gardener who abandons it for several years, then shows up demanding this years harvest as their tribute. Its unfair to the team formed years ago. Its unfair to you. [...]
> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. It's not a task for dilettantes or commitment-challenged people. It cant thrive under a gardener who abandons it for several years, then shows up demanding this years harvest as their tribute. It's unfair to the team formed years ago. Its unfair to you. [...]
Subreddits do not belong to anybody, and they especially do not belong to brand-holders. They belong to their communities, and the community and its moderators made the decision to support the move to r/PrivacyGuides.
@ -100,7 +98,7 @@ Our fundraising platform, OpenCollective, is another source of contention. Our p
Thus, the funds in OpenCollective belong to Privacy Guides, they were given to our project, and not the owner of a well known domain name. In the announcement made to donors on September 17th, 2021, we offered refunds to any donor who disagrees with the stance we took, but nobody has taken us up on this offer:
> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing jonah@triplebit.net.
> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing `jonah@triplebit.net`.
## Further Reading

6
docs/about/services.md
View File

@ -13,14 +13,14 @@ We run a number of web services to test out features and promote cool decentrali
## Gitea
- Domain: [code.privacyguides.dev](https://code.privacyguides.dev)
- Availability: Invite-Only
- Availability: Invite-Only
Access may be granted upon request to any team working on *Privacy Guides*-related development or content.
- Source: [snapcraft.io/gitea](https://snapcraft.io/gitea)
## Matrix
- Domain: [matrix.privacyguides.org](https://matrix.privacyguides.org)
- Availability: Invite-Only
- Availability: Invite-Only
Access may be granted upon request to Privacy Guides team members, Matrix moderators, third-party Matrix community administrators, Matrix bot operators, and other individuals in need of a reliable Matrix presence.
- Source: [github.com/spantaleev/matrix-docker-ansible-deploy](https://github.com/spantaleev/matrix-docker-ansible-deploy)
@ -33,6 +33,6 @@ Access may be granted upon request to Privacy Guides team members, Matrix modera
## Invidious
- Domain: [invidious.privacyguides.net](https://invidious.privacyguides.net)
- Availability: Semi-Public
- Availability: Semi-Public
We host Invidious primarily to serve embedded YouTube videos on our website, this instance is not intended for general-purpose use and may be limited at any time.
- Source: [github.com/iv-org/invidious](https://github.com/iv-org/invidious)

4
docs/advanced/dns-overview.md
View File

@ -354,8 +354,8 @@ dig +nocmd @9.9.9.11 -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +
If the results include a second edns0-client-subnet TXT record (like shown below), then your DNS server is passing along EDNS information. The IP or network shown after is the precise information which was shared with Google by your DNS provider.
```text
o-o.myaddr.l.google.com. 60 IN TXT "198.51.100.32"
o-o.myaddr.l.google.com. 60 IN TXT "edns0-client-subnet 198.51.100.0/24"
o-o.myaddr.l.google.com. 60 IN TXT "198.51.100.32"
o-o.myaddr.l.google.com. 60 IN TXT "edns0-client-subnet 198.51.100.0/24"
;; Query time: 64 msec
;; SERVER: 9.9.9.11#53(9.9.9.11)
;; WHEN: Wed Mar 13 10:23:08 CDT 2024

14
docs/basics/common-misconceptions.md
View File

@ -77,21 +77,21 @@ One of the clearest threat models is one where people *know who you are* and one
1. **Known identity** - A known identity is used for things where you must declare your name. There are many legal documents and contracts where a legal identity is required. This could range from opening a bank account, signing a property lease, obtaining a passport, customs declarations when importing items, or otherwise dealing with your government. These things will usually lead to credentials such as credit cards, credit rating checks, account numbers, and possibly physical addresses.
We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means.
We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means.
<div class="admonition tip" markdown>
<p class="admonition-title">Tip</p>
<div class="admonition tip" markdown>
<p class="admonition-title">Tip</p>
When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private.
When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private.
</div>
</div>
2. **Unknown identity** - An unknown identity could be a stable pseudonym that you regularly use. It is not anonymous because it doesn't change. If you're part of an online community, you may wish to retain a persona that others know. This pseudonym isn't anonymous because—if monitored for long enough—details about the owner can reveal further information, such as the way they write, their general knowledge about topics of interest, etc.
You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC.
You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC.
3. **Anonymous identity** - Even with experience, anonymous identities are difficult to maintain over long periods of time. They should be short-term and short-lived identities which are rotated regularly.
Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
[^1]: One notable example of this is the [2021 incident in which University of Minnesota researchers introduced three vulnerabilities into the Linux kernel development project](https://cse.umn.edu/cs/linux-incident).

2
docs/basics/multi-factor-authentication.md
View File

@ -158,7 +158,7 @@ Qubes OS has support for Challenge-Response authentication with YubiKeys. If you
SSH MFA could be set up using multiple different authentication methods that are popular with hardware security keys. We recommend that you check out Yubico's [documentation](https://developers.yubico.com/SSH) on how to set this up.
#### Time-based One-time Password (TOTP)
#### TOTP
SSH MFA can also be set up using TOTP. DigitalOcean has provided a tutorial [How To Set Up Multi-Factor Authentication for SSH on Ubuntu 20.04](https://digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-20-04). Most things should be the same regardless of distribution, however the package manager commands—such as `apt-get`—and package names may differ.

3
docs/basics/why-privacy-matters.md
View File

@ -10,16 +10,19 @@ Privacy is ultimately about human information, and this is important because we
Many people get the concepts of **privacy**, **security**, and **anonymity** confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On this website, we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play.
<!-- markdownlint-disable-next-line -->
**Privacy**
: ==Privacy is the assurance that your data is only seen by the parties you intend to view it.== In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
<!-- markdownlint-disable-next-line -->
**Security**
: Security is the ability to trust the applications you use—that the parties involved are who they say they are—and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
: Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
<!-- markdownlint-disable-next-line -->
**Anonymity**
: Anonymity is the ability to act without a persistent identifier. You might achieve this online with [Tor](../tor.md), which allows you to browse the internet with a random IP address and network connection instead of your own.

2
docs/cloud.md
View File

@ -45,7 +45,7 @@ The Proton Drive web application has been independently audited by Securitum in
> Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest.
Proton Drive's brand new mobile clients have not yet been publicly audited by a third-party.
Proton Drive's brand new mobile clients have not yet been publicly audited by a third party.
## Tresorit

6
docs/desktop-browsers.md
View File

@ -139,7 +139,7 @@ Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug
</div>
### Recommended Configuration
### Recommended Firefox Configuration
These options can be found in :material-menu: → **Settings**
@ -256,7 +256,7 @@ Brave adds a "[referral code](https://github.com/brave/brave-browser/wiki/Brave%
</div>
### Recommended Configuration
### Recommended Brave Configuration
These options can be found in :material-menu: → **Settings**.
@ -339,7 +339,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack
1. This option is not present on all platforms.
#### Sync
#### Brave Sync
[Brave Sync](https://support.brave.com/hc/articles/360059793111-Understanding-Brave-Sync) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices without requiring an account and protects it with E2EE.

3
docs/email.md
View File

@ -5,6 +5,7 @@ icon: material/email
description: These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers.
cover: email.webp
---
<!-- markdownlint-disable MD024 -->
Email is practically a necessity for using any online service, however we do not recommend it for person-to-person conversations. Rather than using email to contact other people, consider using an instant messaging medium that supports forward secrecy.
[Recommended Instant Messengers](real-time-communication.md){ .md-button }
@ -70,7 +71,7 @@ OpenPGP also does not support Forward secrecy, which means if either your or the
Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g. Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](#simplelogin) Premium for free.
If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
Proton Mail has internal crash reports that they **do not** share with third parties. This can be disabled in: **Settings** > **Go to Settings** > **Account** > **Security and privacy** > **Send crash reports**.

32
docs/encryption.md
View File

@ -126,28 +126,32 @@ BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-devi
To enable BitLocker on "Home" editions of Windows, you must have partitions formatted with a [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table) and have a dedicated TPM (v1.2, 2.0+) module. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide.
1. Open a command prompt and check your drive's partition table format with the following command. You should see "**GPT**" listed under "Partition Style":
```powershell
powershell Get-Disk
```
```powershell
powershell Get-Disk
```
2. Run this command (in an admin command prompt) to check your TPM version. You should see `2.0` or `1.2` listed next to `SpecVersion`:
```powershell
powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm
```
```powershell
powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm
```
3. Access [Advanced Startup Options](https://support.microsoft.com/windows/advanced-startup-options-including-safe-mode-b90e7808-80b5-a291-d4b8-1a1af602b617). You need to reboot while pressing the F8 key before Windows starts and go into the *command prompt* in **Troubleshoot****Advanced Options****Command Prompt**.
4. Login with your admin account and type this in the command prompt to start encryption:
```powershell
manage-bde -on c: -used
```
```powershell
manage-bde -on c: -used
```
5. Close the command prompt and continue booting to regular Windows.
6. Open an admin command prompt and run the following commands:
```powershell
manage-bde c: -protectors -add -rp -tpm
manage-bde -protectors -enable c:
manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt
```
```powershell
manage-bde c: -protectors -add -rp -tpm
manage-bde -protectors -enable c:
manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt
```
<div class="admonition tip" markdown>
<p class="admonition-title">Tip</p>

3
docs/file-sharing.md
View File

@ -14,7 +14,7 @@ Discover how to privately share your files between your devices, with your frien
![Send logo](assets/img/file-sharing-sync/send.svg){ align=right }
**Send** is a fork of Mozillas discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself.
**Send** is a fork of Mozilla's discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself.
[:octicons-home-16: Homepage](https://send.vis.ee){ .md-button .md-button--primary }
[:octicons-server-16:](https://github.com/timvisee/send-instances){ .card-link title="Public Instances"}
@ -144,6 +144,7 @@ We don't recommend using the [E2EE App](https://apps.nextcloud.com/apps/end_to_e
</div>
<!-- markdownlint-disable-next-line -->
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

1
docs/financial-services.md
View File

@ -84,6 +84,7 @@ These services allow you to purchase gift cards for a variety of merchants onlin
</div>
<!-- markdownlint-disable-next-line -->
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

2
docs/index.md
View File

@ -36,7 +36,7 @@ schema:
urlTemplate: "https://www.privacyguides.org/?q={search_term_string}"
query-input: required name=search_term_string
---
<!-- markdownlint-disable-next-line -->
<!-- markdownlint-disable -->
## Why should I care?
##### “I have nothing to hide. Why should I care about my privacy?”

2
docs/kb-archive.md
View File

@ -3,8 +3,6 @@ title: KB Archive
icon: material/archive
description: Some pages that used to be in our knowledge base can now be found on our blog.
---
# Pages Moved to Blog
Some pages that used to be in our knowledge base can now be found on our blog:
- [GrapheneOS vs. CalyxOS](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos)

2
docs/meta/brand.md
View File

@ -19,4 +19,4 @@ Additional branding guidelines can be found at [github.com/privacyguides/brand](
"Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project.
Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at jonah@privacyguides.org. Consult your legal counsel if you have questions.
Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at `jonah@privacyguides.org`. Consult your legal counsel if you have questions.

23
docs/meta/git-recommendations.md
View File

@ -8,15 +8,18 @@ If you make changes to this website on GitHub.com's web editor directly, you sho
You can use an existing SSH key for signing, or [create a new one](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent).
1. Configure your Git client to sign commits and tags by default (remove `--global` to only sign by default for this repo):
```
git config --global commit.gpgsign true
git config --global gpg.format ssh
git config --global tag.gpgSign true
```
```bash
git config --global commit.gpgsign true
git config --global gpg.format ssh
git config --global tag.gpgSign true
```
2. Set your SSH key for signing in Git with the following command, substituting `/PATH/TO/.SSH/KEY.PUB` with the path to the public key you'd like to use, e.g. `/home/user/.ssh/id_ed25519.pub`:
```
git config --global user.signingkey /PATH/TO/.SSH/KEY.PUB
```
```bash
git config --global user.signingkey /PATH/TO/.SSH/KEY.PUB
```
Ensure you [add your SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account#adding-a-new-ssh-key-to-your-account) **as a Signing Key** (as opposed to or in addition to as an Authentication Key).
@ -26,7 +29,7 @@ Use `git pull --rebase` instead of `git pull` when pulling in changes from GitHu
You can set this to be the default behavior:
```
```bash
git config --global pull.rebase true
```
@ -34,7 +37,7 @@ git config --global pull.rebase true
If you are working on your own branch, run these commands before submitting a PR:
```
```bash
git fetch origin
git rebase origin/main
```

4
docs/mobile-browsers.md
View File

@ -68,7 +68,7 @@ Brave is built upon the Chromium web browser project, so it should feel familiar
</div>
#### Recommended Configuration
#### Recommended Brave Configuration
Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.
@ -150,7 +150,7 @@ On iOS, any app that can browse the web is [restricted](https://developer.apple.
</div>
#### Recommended Configuration
#### Recommended Firefox Configuration
These options can be found in :gear: **Settings** → **Safari**

1
docs/multi-factor-authentication.md
View File

@ -151,6 +151,7 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative
</div>
<!-- markdownlint-disable-next-line -->
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

1
docs/passwords.md
View File

@ -366,6 +366,7 @@ These products are minimal password managers that can be used within scripting a
</div>
<!-- markdownlint-disable-next-line -->
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

1
docs/productivity.md
View File

@ -4,6 +4,7 @@ icon: material/file-sign
description: Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do.
cover: productivity.webp
---
<!-- markdownlint-disable MD024 -->
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The privacy policy may legally protect your rights, but it does not provide technical access constraints.
## Collaboration Platforms

1
docs/tools.md
View File

@ -62,6 +62,7 @@ For more details about each project, why they were chosen, and additional tips o
[Learn more :material-arrow-right-drop-circle:](mobile-browsers.md)
<!-- markdownlint-disable-next-line -->
### Additional Resources
<div class="grid cards annotate" markdown>

1
docs/vpn.md
View File

@ -5,6 +5,7 @@ icon: material/vpn
description: These are the best VPN services for protecting your privacy and security online. Find a provider here that isnt out to spy on you.
cover: vpn.webp
---
<!-- markdownlint-disable MD024 -->
If you're looking for additional **privacy** from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved. We think these providers are a cut above the rest:

66
includes/strings.en.env
View File

@ -1,44 +1,44 @@
ANALYTICS_CONSENT_BODY="We collect anonymous statistics about your visits to help us improve the site. We do not track you across other websites. If you disable this, we will not know when you have visited our site. We will save a single cookie in your browser to remember your preference."
ANALYTICS_CONSENT_TITLE="Contribute anonymous statistics"
LANG="English"
LANG_ENGLISH="English"
SITE_NAME="Privacy Guides"
SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online."
FOOTER_COPYRIGHT_INTRO="<b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy."
DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security."
DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!"
DESCRIPTION_TRANSLATION_CTA="Visit Crowdin"
FOOTER_COPYRIGHT_AFFILIATE="We do not make money from recommending certain products, and we do not use affiliate links."
FOOTER_COPYRIGHT_ANALYTICS="Anonymous statistics preferences."
FOOTER_COPYRIGHT_DATE="2019 - 2024 Privacy Guides and contributors."
FOOTER_COPYRIGHT_ICON='<span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>'
FOOTER_COPYRIGHT_INTRO="<b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy."
FOOTER_COPYRIGHT_LICENSE="Content license:"
FOOTER_COPYRIGHT="$FOOTER_COPYRIGHT_INTRO <br> $FOOTER_COPYRIGHT_AFFILIATE <br> &copy; $FOOTER_COPYRIGHT_DATE $FOOTER_COPYRIGHT_ICON $FOOTER_COPYRIGHT_LICENSE <a href='/license'><strong>CC BY-ND 4.0</strong></a>. <a href='#__consent'>$FOOTER_COPYRIGHT_ANALYTICS</a>"
THEME_LIGHT="Switch to light mode"
THEME_DARK="Switch to dark mode"
THEME_AUTO="Switch to system theme"
DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security."
DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!"
DESCRIPTION_TRANSLATION_CTA="Visit Crowdin"
SOCIAL_MASTODON="Mastodon"
SOCIAL_MATRIX="Matrix"
LANG="English"
LANG_ENGLISH="English"
NAV_ABOUT="About"
NAV_ADVANCED="Advanced"
NAV_ADVANCED_TOPICS="Advanced Topics"
NAV_BLOG="Blog"
NAV_CHANGELOG="Changelog"
NAV_CODE_OF_CONDUCT="Code of Conduct"
NAV_COMMUNITY="Community"
NAV_CONTRIBUTING="Contributing"
NAV_FORUM="Forum"
NAV_HOME="Home"
NAV_INTERNET_BROWSING="Internet Browsing"
NAV_KNOWLEDGE_BASE="Knowledge Base"
NAV_ONLINE_SERVICES="Online Services"
NAV_OPERATING_SYSTEMS="Operating Systems"
NAV_PROVIDERS="Providers"
NAV_RECOMMENDATIONS="Recommendations"
NAV_SOFTWARE="Software"
NAV_TECHNICAL_GUIDES="Technical Guides"
NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials"
NAV_WRITING_GUIDE="Writing Guide"
SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online."
SITE_NAME="Privacy Guides"
SOCIAL_FORUM="Forum"
SOCIAL_GITHUB="GitHub"
SOCIAL_MASTODON="Mastodon"
SOCIAL_MATRIX="Matrix"
SOCIAL_TOR_SITE="Hidden service"
NAV_HOME="Home"
NAV_KNOWLEDGE_BASE="Knowledge Base"
NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials"
NAV_OPERATING_SYSTEMS="Operating Systems"
NAV_ADVANCED_TOPICS="Advanced Topics"
NAV_RECOMMENDATIONS="Recommendations"
NAV_INTERNET_BROWSING="Internet Browsing"
NAV_PROVIDERS="Providers"
NAV_SOFTWARE="Software"
NAV_ADVANCED="Advanced"
NAV_ABOUT="About"
NAV_COMMUNITY="Community"
NAV_ONLINE_SERVICES="Online Services"
NAV_CODE_OF_CONDUCT="Code of Conduct"
NAV_CONTRIBUTING="Contributing"
NAV_WRITING_GUIDE="Writing Guide"
NAV_TECHNICAL_GUIDES="Technical Guides"
NAV_CHANGELOG="Changelog"
NAV_FORUM="Forum"
NAV_BLOG="Blog"
THEME_AUTO="Switch to system theme"
THEME_DARK="Switch to dark mode"
THEME_LIGHT="Switch to light mode"

2
theme/assets/stylesheets/home.css
View File

@ -109,7 +109,7 @@ article.md-content__inner {
article.md-content__inner > * {
max-width: 38rem;
}
article.md-content__inner > *:nth-child(n+8):nth-child(-n+12) {
article.md-content__inner > *:nth-child(n+7):nth-child(-n+12) {
margin-left: auto;
margin-right: 0;
text-align: right;

8
theme/assets/stylesheets/lang-he.css
View File

@ -26,7 +26,7 @@
font-style: normal;
font-weight: 400;
font-display: swap;
src: url(https://fonts.bunny.net/suez-one/files/suez-one-hebrew-400-normal.woff2) format('woff2');
src: url(https://fonts.bunny.net/suez-one/files/suez-one-hebrew-400-normal.woff2) format('woff2');
unicode-range: U+0590-05FF,U+200C-2010,U+20AA,U+25CC,U+FB1D-FB4F;
}
@ -36,7 +36,7 @@
font-style: normal;
font-weight: 400;
font-display: swap;
src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-400-normal.woff2) format('woff2');
src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-400-normal.woff2) format('woff2');
unicode-range: U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,U+2212,U+2215,U+FEFF,U+FFFD;
}
@ -46,10 +46,10 @@
font-style: normal;
font-weight: 400;
font-display: swap;
src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-ext-400-normal.woff2) format('woff2');
src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-ext-400-normal.woff2) format('woff2');
unicode-range: U+0100-024F,U+0259,U+1E00-1EFF,U+2020,U+20A0-20AB,U+20AD-20CF,U+2113,U+2C60-2C7F,U+A720-A7FF;
}
h1, h2, h3, .md-header__topic {
font-family: "Bagnard", "Suez One", serif;
}

6
theme/assets/stylesheets/lang-ru.css
View File

@ -27,7 +27,7 @@
font-weight: 700;
font-stretch: 100%;
font-display: swap;
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff) format('woff');
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff) format('woff');
unicode-range: U+0301,U+0400-045F,U+0490-0491,U+04B0-04B1,U+2116;
}
@ -38,7 +38,7 @@
font-weight: 700;
font-stretch: 100%;
font-display: swap;
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff) format('woff');
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff) format('woff');
unicode-range: U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+0300-0301,U+0303-0304,U+0308-0309,U+0323,U+0329,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,U+2212,U+2215,U+FEFF,U+FFFD;
}
@ -49,7 +49,7 @@
font-weight: 700;
font-stretch: 100%;
font-display: swap;
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff) format('woff');
src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff) format('woff');
unicode-range: U+0100-02AF,U+0300-0301,U+0303-0304,U+0308-0309,U+0323,U+0329,U+1E00-1EFF,U+2020,U+20A0-20AB,U+20AD-20CF,U+2113,U+2C60-2C7F,U+A720-A7FF;
}

8
theme/assets/stylesheets/lang-zh-Hant.css
View File

@ -25,7 +25,7 @@
font-family: 'Noto Serif TC';
font-style: normal;
font-weight: 400;
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff) format('woff');
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff) format('woff');
}
/* latin */
@ -33,7 +33,7 @@
font-family: 'Noto Serif TC';
font-style: normal;
font-weight: 400;
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff) format('woff');
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff) format('woff');
}
/* chinese-traditional */
@ -41,7 +41,7 @@
font-family: 'Noto Serif TC';
font-style: normal;
font-weight: 700;
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff) format('woff');
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff) format('woff');
}
/* latin */
@ -49,7 +49,7 @@
font-family: 'Noto Serif TC';
font-style: normal;
font-weight: 700;
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff) format('woff');
src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff) format('woff');
}
h1, h2, h3, .md-header__topic {